1. Field
This application relates to integrated circuit verification.
2. Description of Related Art
An important goal for high-performance electronics used in many sensitive systems, such as systems used for national defense, surveillance, cryptography, banking, the stock market, and many other applications, is to ensure a trusted supply of high performance integrated circuits (ICs) in spite of the fact that many leading-edge integrated circuit foundries and supply chains operate in un-trusted environments. As an example, the microelectronics industry, supplier of hardware capability that underlies much of America's modern commercial and military technology, has outsourced many of its critical microelectronics manufacturing capabilities from the United States to countries with lower-cost capital and operating environments. Trustworthiness and supply assurance for components used in many such commercial and military applications are natural casualties of this outsourcing process. Similarly, trust in domestic supplies can also be a concern unless steps have been taken to secure these resources.
Trustworthiness can be a particular concern. This concern may be examined by an analogous example of a computer virus. When a user of a personal computer runs a version of a program that, for example, was obtained from an unknown website, there exists the possibility that the program may contain a software virus which may infect the user's computer. A malicious virus may cause various negative effects, such as the slowing down of the computer, damage to other programs, hard drive errors, system crashes, the erasure of data, and the like. To help combat such problems and to help identify the virus before it can cause its damage, the user may run one of the many sophisticated antivirus programs on the computer. The antivirus software may act as a mechanism to verify the integrity of programs run on the user's computer, to thereby sift out such dangerous programs.
An analogous scenario can occur in hardware when an IC supplier or other hardware supplier relies on an un-trusted manufacturer. Because un-trusted fabrication plants and/or supply chains are not under the hardware supplier's control, there is a possibility that “Trojan horses” or other unauthorized design modifications may be inserted into ICs used in commercial and military applications. In addition, more subtle shifts in process parameters or layout line spacing of the ICs could be made which could drastically shorten the lives of components.
Currently, no equivalent of an “antivirus program” exists to identify these hardware changes to the fabricated ICs. Neither post-fabrication electrical testing nor currently available reverse engineering or inspection methods for modern ICs are capable of reliably detecting compromised microelectronic components. By way of an example, an IC may have been manufactured with an unauthorized inclusion of a special circuit that enables the IC to behave in a certain way (e.g., to cause the device to fail, or to activate another device, etc.) only when a specific code is inserted. The IC supplier may test the manufactured IC electrically and determine that the IC performs correctly as per the specifications originally defined by the supplier. Without knowing the specific code, however, the IC supplier cannot determine that an unauthorized circuit has been included in the design.
Current visual and reverse engineering inspection techniques are likewise inadequate. Transistors in IC chips currently have form factors in the tens of nanometers or less, with up to billions of transistors per chip for typical processors. The use of simple magnification methods to view the chip is inadequate due to, among other problems, the typically large number of layers of semiconductor material. One approach to inspection is to combine a physical de-layering process such as focused ion beam (FIB)/reactive ion etching or chemical-mechanical polishing (CMP) with scanning electron microscope imaging as the layers are removed. Unfortunately, this process is destructive and can be long and highly labor intensive.
Even if physical de-layering techniques are not used, current x-ray microscopy methods have been deemed by practitioners in the art to be unsuitable for device verification. The common perception among these practitioners is that the use of x-rays has a tendency to damage semiconductors. Therefore, it is not widely viewed as a viable alternative for microelectronics verification.
For an entity such as the government or a computer supplier with a need for trusted electronics components, the currently-available alternative to establish a trusted supply of electronics is to build capability internally in the form of dedicated semiconductor manufacturing capacity. While this alternative has been viable historically, it is becoming cost-prohibitive. To stay on the current edge of technology, manufacturing capacity must be refreshed every couple of years. In addition, the cost of each new manufacturing plant continues to rise and is currently around four billion dollars per facility. This expense is a concern for both the government and most companies.
What is needed is a novel technique for verification of integrated circuits against malicious circuit insertions and modifications which overcomes the above deficiencies.